Security

Researchers have uncovered a bevy of vulnerabilities in smart phones made by multiple vendors, including one in Apple's iPhone that could allow an attacker to execute malicious code without requiring the victim to take any action at all. The iPhone bug allows an attacker to take complete control of the coveted device simply by sending the owner an SMS, or short message service, message, said Charlie Miller, principal analyst at Independent Security Evaluators. He said he informed Apple's security team of the vulnerability several weeks ago and has yet to receive an official response. The vulnerability is the same one Miller discussed three weeks ago, when he said he wasn't sure if it would allow him to do anything other than remotely crash an iPhone. Now that he's had more time to analyze the bug, he says he's confident he can remotely hijack the devices by doing nothing more than sending a malformed SMS message.

Original Article